SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private
SSL is an important part of the web this day. The main two reasons are to establish trust in users eyes and to establish trust in Google. Our case study shows that websites that use SSL can rank much faster for some keywords then websites that don't use SSL.
Since we will cover in this post how to install SSL on Tomcat you will need to make sure that you have following before to start with these steps:
In this step, we will show you how to install certbot, we predict that you already have installed Tomcat on Linux.
Install certbot on Amazon EC2 Linux 2
There are two options on how you can install certbot. First one is to clone it from git, you can find the repository on the following link https://github.com/certbot/certbot.git. The command which you need is following
git clone https://github.com/certbot/certbot.git
In some cases the command above will not work, for that, we are providing you additional commands on how you can install certbot.
sudo amazon-linux-extras install epel
sudo yum install certbot
Installing SSL on Tomcat using certbot
Since we have installed certbot and tomcat now we need to generate our certificate.
Navigate under /usr/share( cd /usr/share/ )
Make new directory SSL ( sudo mkdir ssl )
Enter inside SSL folder ( cd ssl/ )
Now we have created a folder where we will store our certificate and first we need to create our keystore. In our case we will use as a name server.keystore, you can change it.
That was the last command, and now we have our SSL ready.
Configure server.xml for SSL
The last step is to configure server.xml so we will be able to see and use our SSL. Before that, you need to stop tomcat.Uncomment connector which is for SSL. See the picture below
keystorePass need to have the same value as value which you enter when you request SSL keystoreFile need to be path where is our keystore file in our case /usr/share/ssl/server.keystore
SSL is an important part of website security. It is must have the part for serious websites and tools. The SSL is mentioned for one of the most important rank factors for SEO. Google will give you more trust if you have valid SSL on your website. So do not wait to install one on your website. There are also paid SSL but this one is good for small websites. For the develop purpose, you can use a self-signed certificate.